As reported earlier that a hacker successfully breaks into jailbroken iPhones with SSH installed/enabled.
What the hacker did is he scanned all those Jailbroken iPhones with SSH enabled and Default root password. Using that password he then sent a message to the hacked iPhones.
If you have jailbreak your iPhone and want to secure yourself from such infiltration, only thing you need to do is that enable SSH only when needed and make sure you change the root password used to SSH into iPhone.
Change Root Password of Your iPhone
In this iPhone guide you will learn how to change root password of your jailbroken iPhone or iTouch. Install the MobileTerminal. If you don’t have MobileTerminal installed in your iPhone then:
Open the Cydia and go to Search Tab. Search for MobileTerminal.
Tap the MobileTerminal from the search results.
Tap the Install button at the top-right
Now tap the confirm button at the top-right.
Once you’re done with the installation, press the big Return to Cydia button.
Now press the Home button to close the Cydia and open the MobileTerminal from your iPhone SpringBoard.
type su and press return key at the bottom-right.
Now input alpine as your password and press return key.
Once the password is entered correctly, you’ll be logged in as root user.
Now input passwd and press return key
You will be prompted to input a new password for root. Input your desired new password and press return.
you’ll be asked to retype your new password again and hit return key.
You have changed your root password used to SSH into iPhone. Now you need to change your mobile password as well (thanks Jim for the tip)
Now type passwd mobile and hit return key.
Old Password: alpine
then you’ll be asked for new password twice. It is OK to use the same new password you used for the root account. Just don’t use ‘alpine’.
You’ve secured your iPhone by changing root password from unauthorized access.
You may also like:
- How to Unlock iPhone 3GS, 3G OS 3.1.2 Baseband 05.11.07 Using BlackSn0w
- How to Install Cracked Apps on iPhone OS 3.1.2 *Without WIFI*
- How to Enable Tethering on iPhone OS 3.1.2
- How to Enable MMS on iPhone 2G OS 3.1.2
Don’t forget to Follow us on Twitter or Subscribe via RSS to receive latest iPhone related Guides hacks and much more.
Thank you for the info
Hi again iPhoneHeat,
This is very good — but as threats become more serious, I think it is essential that people also change their password for the ‘mobile’ account. The mobile account is just as vulnerable as the root account and it holds ALL your data! It has the same password as ‘root’, and I think it will be a very short while before a criminal hacker will start to use that hole: most tutorials, including yours, now tell people to change the root password, but they forget mobile.
USERS READING THIS: After doing the steps above, with the terminal still running, you should type:
passwd mobile
and it asks for your new password (twice). It is OK to use the same new password you used for the root account. Just don’t use ‘alpine’.
Thanks for the tip Jim..
Updating..
Hey,
Very good guide, but that password doesn’t work on my iPhone,
is there any other??
I have already reloaded the firmware and reinstalled everything and still nothing..
Can you please help?
iPhone 3G 3.1.2
JailBroken
Thanks
nT
which password?
The User password, both root and mobile, it is not alpine.. :S
Thanks for the reply.
defaults are alpine..
So I’ve seen everywere but not on mine 🙁
Try “dottie”. That used to be the password a long time ago.
Hi,
I love the theme in the iphone pictures! Any idea which one it is? (The 5th picture)
thanks!
Reese
check out the iPhone themes section:
http://www.iphoneheat.com/category/iphone-themes/
I am trying to use your methods but once I type in su, it asks for a password and although I am trying to type, nothing shows up on the screen.
what’s wrong?
Password remains invisible .. just type the correct password and hit the return button on iPhone keyboard
Once you have made all the changes within MobileTerminal do we have to keep that package installed or can we uninstall it?
When you have changed the two passwords, you can remove MobileTerminal.
I got a new iphone 3Gs last month Dec-09 but it is not taking the default password as alpine for root or mobile. Not sure if it is changed in the new version… can someone help.
Thanks in advance.
What if MobileTerminal doesn’t work? I downloaded this application on a jailbroken iPhone 3G running iOS4 (or whatever the comparable Jailbroken OS is).
The version of Mobile Terminal available on Cydia does not work with 4.0. You need to get a different version, the link and all of the yelling from everyone involved is at http://code.google.com/p/mobileterminal/issues/detail?id=172. Just go with what Saurik says.
iPhoneHeat, fantastic tutorial! Very well done. You may have to do another regarding Mobile Terminal for 4.0, and if so, iPhone Explorer is a fantastic tool for us noobs to use (haven’t got the hang of SSH yet…).
I tried your tutorial. I have good net, and all. But once I hit Terminal Open, it just immediately closes. @_@ So I removed it and installed it, still the same. What should I do? I’m on iOS 4.1
i have an iphone 5. its new but i dnt know how to change the password. plzzz help me
Have iphone 5s even come out yet? And also, thanks for the guide, it makes it really easy to understand for someone who knows little.
I installed MobileTerminal but when i try to run the program it opens and then closes quickly. What is wrong?
Thanks for the tip. However, as soon as I enter the command “su”, all input is frozen except for when I hit the “return” button. Any Help?
what theme is that!!!! reply ASAP
if something doesn’t work then google it! My terminal didn’t work eith but a quick goole soled that issue.
I also could not change my password with the command said in this. I googled it and found that i have to type “passwd” (jail break with green poison maybe?) instead of password for both of them. Anyway my point is that I have no idea what I am doing and figured it out with no problem just from searching…..
please delete this one
if something doesn’t work then google it! My terminal didn’t work either but a quick google solved that issue.
I also couldn’t change my password with the command in this guide. I simply googled it and found that I have to type “passwd” (jail break with green poison maybe?) instead of “password” for both of them. Anyway my point is that I have no idea what I am doing and figured it out with no problem from just searching on google!!!
I have installed mobile terminal but when I click it, it just goes back to the home page. So I can’t type anything. what should I do? I have reinstalled it but the same thing happens.
It keeps telling me after su then hit return then I type alpine it says password incorerect but it works for the passwd mobile. I am using an iPhone 4
Heyy, it doesnt let me download “OpenSSH”!! It says it wasnt able to locate the file for the openssl package and that i might need to manually fix the package?? Not sure what to do..